Fraudulent E-Mail Survey

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being sent from the FDIC.

The e-mail exhibits the “Subject” line: “SURVEY CODE: STJSPNUPUT”. The “From” line may exhibit variations; however, the messages are similar.

The email states, “You have been chosen by the FDIC to take part in our quick and easy 5 questions survey. In return we will credit $100 to your account just for your time!” The recipient is then instructed to “Click here to Continue.”Recipients should not click on the link provided.

This email and link are fraudulent. Recipients should consider the intent of the email as an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. As a reminder, the FDIC does not send unsolicited emails to consumers or business account holders.

New Phishing Scheme

We are receiving reports of phishing emails being sent from what appears to be coming from our online banking service provider with an email address of customer _service @cm.netteller.com with the subject line of NetTeller Watch Notice. These are “Phishing emails” trying to get customers to click on the embedded access link. These emails are not coming from the bank or our online banking service provider. Please be advised that if you receive an email, that you NOT to clink on the link. It is recommended to permanently delete the email.

Just as a reminder Central National Bank nor our service provider would send an unsolicited email requesting you to provide personal information.

If you have questions feel free to contact our Online Services Department at 1-888-262-5456 or email us atinfo@centralnational.com.

Tips for Recognizing and Avoiding Fake Check Scams

Fake check scams are clever tricks designed to steal your money.  You can avoid becoming a victim by recognizing how the scam works and understanding your responsibility for the checks that you deposit into your account.

If someone you don’t know wants to pay you by check but wants you to wire some of the money back, beware!  It’s a scam that could cost you thousands of dollars.  The following list of tips may help to protect you from becoming a victim of this kind of scam.

  • There are many variations of the fake check scam. It could involve someone offering to buy something you advertised, or paying you to work at home.  They may give you an “advance” on a sweepstakes you’ve supposedly won, or pay the first installment on the millions that you’ll receive for agreeing to have money in a foreign country transferred to your bank account for safekeeping.  Whatever the pitch, the person may sound quite convincing.
  • Fake check scammers hunt for victims.  They scan newspaper and online advertisements for people listing items for sale, and check postings on online job sites from people seeking employment.  They place their own ads with phone numbers or email addresses for people to contact them.  And they call or send emails or faxes to people randomly knowing that some will take the bait.
  • They often claim to be in another country.  The scammers say it’s too difficult and complicated to send you the money directly from their country, so they’ll arrange for someone in the U.S. to send you a check.
  • They tell you to wire money to them after you’ve deposited the check. 
    • If you’re selling something, they say they’ll pay you by having someone in the U.S. who owes them money send you a check.  It will be for more than the sale price; you deposit the check, keep what you’re owed, and wire the rest to them.
    • If it’s part of a work-at-home scheme, they may claim that you’ll be processing checks from their “clients.”  You deposit the checks and then wire them the money minus your “pay.”  Or they may send you a check for more than your pay “by mistake” and ask you to wire them the excess.
    • In the sweepstakes and foreign money offer variations of the scam, they tell you to wire them money for taxes, customs, bonding processing, legal fees, or other expenses that must be paid before you can get the rest of the money.
  • The checks are fake but they look real.  In fact, they look so real that even bank tellers may be fooled.  Some are phony cashier’s checks; others look like they’re from legitimate business accounts.  The companies whose names appear may be real, but someone has dummied jut the checks without their knowledge.
  • You don’t have to wait long to use the money, but that doesn’t mean the check is good.  Under federal law, banks have to make the funds you deposit available quickly – usually within one to five days, depending on the type of check.  But just because you can withdraw the money doesn’t mean the check is good, even if it’s a cashier’s check.  It can take weeks for the forgery to be discovered and the check to bounce.
  • You are responsible for the checks you deposit.  That’s because you’re in the best position to determine the risk – you are the one dealing directly with the person who is arranging for the check to be sent to you.  When a check is charged back, the bank deducts the amount that was originally credited to your account.   If there isn’t enough to cover it, they bank will work with you to set up a repayment plan.  There have been cases in which law enforcement authorities have brought charges against the victims because it may look like they were involved in the scam and knew the check was counterfeit.
  • There is no legitimate reason for someone who is giving you money to ask you to wire money back.  If a stranger wants to pay you for something, insist on a cashiers check for the exact amount, preferably from a local bank or a bank that has a branch in your area.

Fraudulent Communication Purporting to be from the Office of the Comptroller of the Currency

Fictitious correspondence, allegedly issued by the Office of the Comptroller of the Currency (OCC) regarding funds purportedly under the control of the OCC and other government entities, is in circulation. Correspondence may be distributed via e-mail, fax, or postal mail.

Any document claiming that the OCC is involved in holding any funds for the benefit of any individual or entity is fraudulent. The OCC does not participate in the transfer of funds for, or on behalf of, individuals, business enterprises, or governmental entities.

The letters may indicate that funds are being held by the OCC, the U.S. Department of Homeland Security, or the U.S. Department of Justice because of the need for payment of a 0.059 percent revenue charge to the U.S. Internal Revenue Service.

The correspondence in question contains forged signatures of actual OCC officials. In addition, the material contains a fictitious mailing address that is not associated with the OCC.

Before responding in any manner to any proposal supposedly issued by the OCC that requests personal information or personal account information, or that requires the payment of any fee in connection with the proposal, you should take steps to verify that the proposal is legitimate.

At a minimum, the OCC recommends that you:

  • Contact the OCC directly to verify the legitimacy of the proposal (1) via e-mail at occalertresponses@occ.treas.gov; (2) by mail to the OCC’s Special Supervision Division, 250 E St. SW; Mail Stop 2-7, Washington, DC 20219; (3) via fax to (202) 874-5214; or (4) by calling the Special Supervision Division at (202) 874-4450.
  • Contact state and/or local law enforcement.
  • File a complaint with the Internet Crime Complaint Center at www.ic3.gov, if the proposal appears to be fraudulent and was received via e-mail or the Internet.
  • File a complaint with the U.S. Postal Inspector Service by telephone at (888) 877-7644, by mail at U.S. Postal Inspection Service, 222 S. Riverside Plaza, Suite 1250, Chicago, IL 60606-6100, or via online complaint form at:https://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx, if the proposal appears to be fraudulent and was delivered through the U.S. Postal Service.

Below is a copy of this fraudulent correspondence, which is being sent  by fraudsters in an attempt to elicit funds and to gather personal information to be used in possible future identification theft.

Fraudulent Email Purporting to be from the Fed

The Federal Reserve Bank has confirmed that there currently are fraudulent emails circulating claiming to be a public service announcement jointly distributed by the Federal Reserve Banks in collaboration with the Internet Crime Compliant Center (IC3) and the National White Collar Crime Center (NW3C).

The email message encourages financial institutions and their employees to visit a rouge website to download the “announcement.”

These are fraudulent emails! Do not click on any of the links or forward to other recipients.
A sample of the email is below:
************************************************************************************************
From: Federal Reserve Financial Services (fedcommunications numbers @ mail – frbservices dot org)
Subject: ATT : Your Name and Organization

This message is to be delivered to: Your Name at Your Organization

In an effort to notify and update all financial institutions and their employees of the recent fraud scenarios The Federal Reserve Banks in collaboration with IC3 and NW3C issued the following message:

A Public Service Announcement has been issued by the Internet Crime Complaint Center (IC3), which is a joint partnership between the FBI and the National White Collar Crime Center (NW3C). Financial Institutions are encouraged to share this public service announcement with account holders.
Visit (Fraudulent link was inserted here) for exact instructions and details on fraud scenarios.

IC3′s website provides a vehicle for consumer’s to file Internet crime complaints. Complaint information will be combined with other related subject information and referred to federal, state, and local law enforcement for the initiation or enhancement of investigations.
****************************************************************************

For Your Protection

At Central National Bank we’re all about service to our customers. And one of the services we provide is fraud monitoring.

For your protection, we recently placed a block on certain types of Central National Bank debit card transactions.  If you have problems using your debit card to conduct International telephone or Internet transactions, it may be due to our attempt to protect your account from fraud. Transactions affected are those that require you to key in your card number in order to make a payment.

This change will not affect traditional retail transactions (those made in person). So, if you’re traveling feel free to continue use your debit card overseas!

We know that being away from home can be tough sometimes. So make sure to let us know if you have travel plans. We can put extra monitoring in place to lend you “peace of mind” while you’re away from home.

Call your local branch if you have questions regarding this change or specific transactions.

We appreciate your business, as well as your patience and understanding! Thank you!

New Fraudulent E-mails Claiming to Be From Equifax

Equifax Corporate Security has received notice that some customers and consumers have received fraudulent emails and/or letters falsely claiming to be from Equifax.

One email purports to be from Global Customer Support Center. The email advises customers that they need to download a zip file in order to maintain their secure connection to Equifax. The file to download, however, contains a link to a malware site. There are also several links in the email to Equifax and Oracle. Other emails/letters ask customers to provide bank name, account number and other confidential information.

If you are an Equifax customer and have clicked on a link in one of these emails, immediately contact Equifax Security at Security.DataAdministration@equifax.com. If you have supplied any bank account numbers or other confidential information requested in a letter, you should immediately contact your financial institution.

If you are an Equifax customer and you have clicked on this link, contact Equifax Corporate Security immediately at (866) 493-5983 or Security.DataAdministration@equifax.com

New Fraudulent E-mails Claiming to Be From FDIC

We have received reports from customers who have received emails much like the one listed below. These e-mails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these e-mails as an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT, under any circumstances, provide any personal financial information through this media.
Financial institutions and consumers should be aware that other subject lines and modifications to the e-mails may occur over time. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.

= = = = = Sample Email = = = = = =

Suspicious E-mails Claiming to Be From FDIC

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that have the appearance of being from the FDIC.

The e-mails appear to be sent from various “@fdic.gov” e-mail addresses, such as “subscriptions@fdic.gov,” “alert@fdic.gov,” or “accounts@fdic.gov.

They have subject lines that read: “FDIC: Your business account” or “FDIC: About Your Business Account.”

The e-mails are addressed to “Business Customer” or “Business Owner” and state “We have important information about your bank” or “…financial institution.” They then ask recipients to “Please click here to find details.”

They conclude with, “This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership.”

These e-mails and the link included are fraudulent and were not sent by the FDIC. Recipients should consider the intent of these e-mails as an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. Recipients should NOT access the link provided within the body of the e-mails and should NOT, under any circumstances, provide any personal financial information through this media.

Financial institutions and consumers should be aware that other subject lines and modifications to the e-mails may occur over time. The FDIC does not directly contact consumers in this manner nor does the FDIC request personal financial information from consumers.

Suspicious E-mails Claiming to Be From NACHA

The Electronic Payments Association has received reports that individuals and/or companies continue to receive fraudulent emails that have the appearance of having been sent from NACHA. These emails vary in content and appear to be transmitted from email addresses associated with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees and/or departments.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

See a sample below.

 

= = = = = Sample Email = = = = = =
From:payments@nacha.org [mailto:payments@nacha.org]
Sent: Tuesday, February 22, 2011 7:32 AM
To: Doe, John
Subject: ACH transaction rejected

The ACH transaction, recently sent from your checking account (by you or any other person), was cancelled by the Electronic Payments Association.

Please click here to view report
——————————————————————

Otto Tobin,
Risk Manager

Posted March 7, 2010

Suspicious E-mails Claiming to Be From the Federal Reserve

There are reports that individuals and/or companies are receiving fraudulent emails that have the appearance of being sent from the Federal Reserve. Specifically, the email claims to be from the Federal Reserve Wire Network and appears to be sent from “fedwire@federalreserve.gov.” See a sample below.

= = = = = Sample Email = = = = = =

From: fedwire@federalreserve.gov[mailto:fedwire@federalreserve.gov]
Sent: Wednesday, March 02, 2011 10:09 AM
To: Doe, John
Subject: Your Wire fund transfer

The Wire transaction , recently sent from your checking account (by you or any other person), was cancelled by the Federal Reserve Wire Network.

Please click here to view details

——————————————————————

Adam Diaz ,
Fraud Department

= = = = = = = = = = = = = = = = = = =

This is a fraudulent email. It was not sent by the Federal Reserve. Do NOT click on any of the links.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.